Unrated severityNVD Advisory· Published Apr 18, 2012· Updated Apr 29, 2026

CVE-2012-1800

Description

Stack-based buffer overflow in the Profinet DCP protocol implementation on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 allows remote attackers to cause a denial of service (device outage) or possibly execute arbitrary code via a crafted DCP frame.

Affected products

Siemens Foundation/Scalance S Firmware3 versions
cpe:2.3:a:siemens:scalance_s_firmware:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:siemens:scalance_s_firmware:*:*:*:*:*:*:*:*range: <=2.3.0
- cpe:2.3:a:siemens:scalance_s_firmware:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:scalance_s_firmware:2.2.0:*:*:*:*:*:*:*
Siemens Foundation/Scalance S602
cpe:2.3:h:siemens:scalance_s602:v2:*:*:*:*:*:*:*
Siemens Foundation/Scalance S612
cpe:2.3:h:siemens:scalance_s612:v2:*:*:*:*:*:*:*
Siemens Foundation/Scalance S613
cpe:2.3:h:siemens:scalance_s613:v2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-268149.pdfnvdVendor Advisory
www.us-cert.gov/control_systems/pdf/ICSA-12-102-05.pdfnvdUS Government Resource
osvdb.org/81034nvd
support.automation.siemens.com/WW/view/en/59869684nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000